Cybercriminals Target Manufacturers for Low-Hanging Fruit
Manufacturing and ransomware are beginning to make an unlikely duo that industrialists worldwide should avoid at all costs. Cybercriminals are targeting manufacturers for low-hanging fruit.
According to a recent Digital Shadows report that examined ransomware attacks in 2020, the industrial good sector accounted for 29 percent of the attacks. In fact, the number of attacks against this industry is more than those on the next three targeted sectors – construction, technology and retail – combined.
And it’s not just the mom-and-pop shops without the means to properly protect themselves feeling the heat – Palfinger, Foxconn, Steelcase, Nissan, Solarwinds and, most recently, Kia is among the household names that have fallen victim to ransomware recently.
Ransomware is a common attack technique used against manufacturers simply because it is so effective. Most manufacturers have a low tolerance for downtime, so paying the ransom right away could be less costly for their business just to regain control of it. Regulatory complications add another burden – to prevent the spread of corporate espionage, governments are enacting new, vaguely worded regulations. Compliance is then left to manufacturers, who often are not prepared to navigate the contradictory security laws. This makes the manufacturer an easy target for hackers.
Most ransomware targets the PCs and servers on the business network, but others are eyeing the industrial systems, as well. It’s troubling to think that ransomware encrypting industrial control systems commonly found in factories could be used against critical infrastructure installations like energy, water and other utilities.
Reviewing the requirements for cybersecurity and comparing them with your current policies, procedures and practices is a step in the right direction toward a successful cybersecurity program. Don’t go at it alone. Contact 2W Tech today to get started with your Cybersecurity Compliance Program.